Systems and methods for establishing connections between devices communicating over a network

ABSTRACT

Systems and methods are described for establishing a connection between a client and a server that are each communicating via a network. The methods and techniques may be used, for example, to establish a media streaming connection between a media player and a placeshifting device when a firewall or other impediment to direct network connections exists. A relay server receives connection requests from the client and from the server via the network. In response to receiving the requests, a first connection is established between the relay server and the client and a second connection between the relay server and the server. Data received by the relay server on each of the first and second connections is relayed to the other of the first and second connections to thereby establish the connection between the client and the server via the relay server.

CROSS-REFERENCES TO RELATED APPLICATIONS

This application claims priority to U.S. Non-Provisional applicationSer. No. 12/426,103, filed Apr. 17, 2009.

TECHNICAL FIELD

The present disclosure generally relates to systems and methods forestablishing connections between devices communicating over a network.Such systems and techniques may be useful, for example, in establishingconnections between devices that are logically separated from each otherby one or more firewalls. In various embodiments, the techniques andsystems described below may be used to establish streaming connectionsbetween media players and placeshifting devices that provide mediacontent across the network, although equivalent concepts could bereadily applied in any number of other applications and settings.

BACKGROUND

The Internet and other digital communications networks continue to havesignificant effects on every aspect of personal and professional life.Network communications are becoming increasingly ubiquitous due to thereduced cost and increased capability of portable computing devices, theincreasing prevalence and capability of mobile telephony and otherwireless communications technologies, and other factors. As a result,consumers are increasingly expecting access to data, entertainment andother media without regard to the physical or geographic proximity ofsuch content.

As an example, consumers have expressed significant interest in “placeshifting” devices that allow remote viewing of television or other mediacontent at locations other than the viewer's primary television set.Place shifting devices typically packetize media content that can betransmitted over a local or wide area network to a portable computer,mobile phone, personal digital assistant, remote television or otherremote device capable of playing back the packetized media stream forthe viewer. Placeshifting therefore allows consumers to view their mediacontent from remote locations such as other rooms, hotels, offices,and/or any other locations where portable media player devices can gainaccess to a wireless or other communications network. Other media andother data-intensive applications are similarly enjoying widespreadconsumer interest.

While modern computing and network technologies allow increased mobilityand improved access to desired content, a tradeoff often exists betweenaccess and security. Although firewalls and other structures caneffectively preserve network security, these same structures can havethe undesired effect of preventing access to desired services. To useplaceshifting as an example, it may be very challenging to establish aconnection between a placeshifting device and a media player if afirewall or other security structure resides between the two entitiesthat wish to communicate. In addition to preventing undesired access tothe secure network, then, a firewall may prevent legitimate and desiredaccess to placeshifting or other services, particularly if the firewallis incorrectly or incompletely configured by the user.

Challenges can frequently arise in effectively establishing connectionsbetween clients and servers for placeshifting, media streaming and/orother applications. It is therefore desirable to create systems andmethods for reliably and conveniently establishing connections betweenclients and servers across a network. These and other desirable featuresand characteristics will become apparent from the subsequent detaileddescription and the appended claims, taken in conjunction with theaccompanying drawings and this background section.

BRIEF SUMMARY

According to various exemplary embodiments, systems and methods aredescribed for establishing connections between client and server devicesthat are each communicating via a network. Certain methods andtechniques described below may be used in some instances to establishmedia streaming connections between media players and placeshiftingdevices when firewalls or other impediments to direct networkconnections exist. Other embodiments may be equivalently used in othersettings, including any settings relating to media streaming or thelike.

In various embodiments, a method of establishing a media-streamingconnection between a media player and a placeshifting device that areeach communicating via a network is provided. A relay server receives afirst request associated with the media player and a second requestassociated with the placeshifting device. In response to receiving thefirst and second requests, a first connection is established between therelay server and the media player and a second connection is establishedbetween the relay server and the placeshifting device. Data received bythe relay server on each of the first and second connections is relayedto the other of the first and second connections to thereby establishthe media streaming connection between the media player and theplaceshifting device via the relay server.

In other embodiments, a method is provided for establishing a connectionvia a relay server between a client device and a server device that areeach communicating via a network. A connectionless session is firstattempted between the client device and the server device across thenetwork. If the connectionless session is unsuccessful, the client andthe server are directed to contact the relay server via the network,wherein the server is directed by a message transmitted via apre-existing connection over the network. In response to the client andserver subsequently contacting the relay server, a first connection isestablished between the relay server and the client and a secondconnection is established between the relay server and the server. Datareceived by the relay server on each of the first and second connectionsis then relayed to the other of the first and second connections tothereby establish the connection between the client and the server viathe relay server.

In still other embodiments, a system is provided for establishing amedia-streaming connection between a media player and a placeshiftingdevice that are each communicating via a network. A relay manager moduleis configured to receive a request to establish the media-streamingconnection between the media player and the placeshifting device. Arelay instance module is configured to establish, in response to therequest, a first connection with the media player and a secondconnection with the placeshifting device, and to relay data received oneach of the first and second connections to the other of the first andsecond connections to thereby establish the media streaming connectionbetween the media player and the placeshifting device.

Various embodiments, aspects and other features are described in moredetail below.

BRIEF DESCRIPTION OF THE DRAWING FIGURES

Exemplary embodiments will hereinafter be described in conjunction withthe following drawing figures, wherein like numerals denote likeelements, and

FIG. 1 is a block diagram of an exemplary system for establishing andsupporting relay connections between a client node and a server node;

FIG. 2 is a message flow diagram showing an exemplary process forreliably establishing connections between a client and a server; and

FIG. 3 is a flowchart of an exemplary process for establishing a relayconnection between a client node and a server node.

DETAILED DESCRIPTION

The following detailed description of the invention is merely exemplaryin nature and is not intended to limit the invention or the applicationand uses of the invention. Furthermore, there is no intention to bebound by any theory presented in the preceding background or thefollowing detailed description.

According to various embodiments, a relay server can establish separateconnections with a client and a server to effectively bridgecommunications between the two devices when a direct connection is notavailable. A relay server could establish separate connections with amedia player and with a placeshifting device, for example, and couldsubsequently relay data between the two connections as needed. Further,although the two connections established between the relay server andeither or both of the client and the server could be implemented usingany protocols or techniques, in some implementations the connections arereliable connections (e.g., transmission control protocol (TCP)connections) that can be originated from behind the firewall. Byproviding a relay server that is able to relay information between twoseparate connections to the client and server, users are provided with avery dependable mechanism for easily establishing client-serverconnections. Moreover, much of the information needed to configure sucha connection can be readily automated in many implementations, therebydramatically improving the likelihood of successful connections betweenclients and servers while simultaneously reducing the complexity (andtherefore the frustration) associated with configuring such connections.

Although the following discussion often refers to placeshifting devicesand techniques for convenience of illustration, equivalent embodimentscould apply the same structures and methods described herein in anynumber of other settings. Indeed, the techniques described herein couldbe readily used to establish communications between any sorts of clientsand/or servers over any sort of network. Examples of such applicationscould include any sort of media streaming applications, any sort ofmedia sharing or storage applications, or any other application in whicha client is attempting to establish a connection with a server that islogically isolated from the client via a firewall or other securitymechanism.

Turning now to the drawing figures and with initial reference to FIG. 1,an exemplary network system 100 for establishing a connection between aclient 102 and a server 104 over a network 110 suitably includes a relaysystem 116 that relays data between two connections separatelyestablished with client 102 and server 104. System 100 therefore allowsclient 102 and server 104 to communicate using relay system 116 eventhough a firewall 106 would otherwise prevent direct communicationsbetween client 102 and server 104, as described more fully below.

Client 102 is any device, component, module, hardware, software and/orother network node capable of receiving streaming, file based and/orother data provided by one or more servers 104 via network 110. Client102 may be implemented with any sort of hardware, software, firmwareand/or the like, including any sort of general or special purposecomputing platform. In various embodiments, client 102 is personalcomputer (e.g., a “laptop” or similarly portable computer, althoughdesktop-type computers could also be used), a mobile phone, a personaldigital assistant, a set-top box (STB), an audio/video receiver of anysort, a video game player, a navigation device, a personal media player(such as the ARCHOS products available from the Archos company of Igny,France) or the like. In many embodiments, client 102 is a generalpurpose computing device that includes a media player or otherapplication in software or firmware that is capable of securelyconnecting to server 104, as described more fully below, and ofreceiving and presenting content to the user of the device asappropriate. In other embodiments, however, client 102 is a standaloneor other separate hardware device capable of receiving data via anyportion of network 110 and of decoding the received data to provide anappropriate output to the user (e.g., an output on a television or otherdisplay). One example of a standalone media receiver product that couldbe used in some embodiments is the SLINGCATCHER product available fromSling Media of Foster City, Calif., although other products could beequivalently used.

Server 104 is any component, hardware, software logic and/or the likethat is capable of transmitting packetized data over network no. In someembodiments, the packetized data is a packetized stream of media contentin MPEG, Quicktime, Windows Media, Real Media, or any other format,although any sort of streaming, file based and/or other data could beequivalently applied in other embodiments. Server 104 may be implementedwith any sort of general or special purpose hardware, software and/orfirmware, including any sort of conventional personal computer,workstation or other server system.

Several examples of servers 104 suitable for use in placeshiftingapplications may be implemented using any of the various SLINGBOXproducts available from Sling Media of Foster City, Calif., althoughother products or servers 104 could be used in other embodiments. Manydifferent types of placeshifting devices are generally capable ofreceiving media content from an external source, such as any sort ofdigital video recorder (DVR), set top box (STB), cable or satelliteprogramming source, DVD player, and/or the like. In other embodiments,server 104 may be integrated with any sort of content-receiving or othercapabilities. Server 104 may be a hybrid STB or other receiver, forexample, that also provides transcoding and placeshifting features. Sucha device may receive satellite, cable, broadcast and/or other signalsthat encode television programming or other content received from anantenna, modem, server and/or other source. The receiver may furtherdemodulate or otherwise decode the received signals to extractprogramming that can be locally viewed and/or place shifted to a remoteclient 102 as appropriate. Such devices may also include a contentdatabase stored on a hard disk drive, memory, or other storage medium tosupport a personal or digital video recorder (DVR) feature or othercontent library as appropriate. Hence, in some embodiments, a mediasource may be physically and/or logically contained within a commoncomponent, housing or chassis with server 104. Examples of conventionalplaceshifting functions, features, systems and structures are describedin United States Patent Publication No. 2006/0095471, although thefeatures described herein could be equivalently applied with any numberof other techniques and structures in addition to those described inthat particular publication.

In still other embodiments, server 104 is a software program, applet orthe like executing on a conventional computing system (e.g., a personalcomputer). In such embodiments, server 104 may encode, for example, someor all of a screen display typically provided to a user of the computingsystem for placeshifting to a remote location. One device capable ofproviding such functionality is the SlingProjector product availablefrom Sling Media of Foster City, Calif., which executes on aconventional personal computer, although other products could be used aswell. And again, the types of clients 102 and servers 104 used in system100 are not limited to placeshifting devices; any other clients 102 andservers 104 that are capable of communicating on network 110 could beequivalently applied.

In other embodiments, server 104 simply provides streaming, file-basedand/or any other sort of information on network 110, including responsesto database queries or the like. As noted above, the present featuresare not limited to placeshifting applications, and may be used with anyconventional server 104 device or application operating on network 110.

Network 110 is any digital or other communications network capable oftransmitting messages between senders (e.g., server 104) and receivers(e.g., client 102). In various embodiments, network 110 includes anynumber of public or private data connections, links or networkssupporting any number of communications protocols. Network 110 mayinclude the Internet, for example, or any other network based uponTCP/IP or other conventional protocols. In various embodiments, network110 also incorporates a wireless and/or wired telephone network, such asa cellular communications network for communicating with mobile phones,personal digital assistants, and/or the like. Network 110 may alsoincorporate any sort of wireless or wired local area networks, such asone or more IEEE 802.3 and/or IEEE 802.11 networks.

As noted above, direct connections between client 102 and server 104 maynot always be available due to the presence of one or more firewalls106. Firewall 106 represents any sort of hardware, software and/orcombination of hardware and software that is used to restrictconnections between a client 102 and a server 104. Firewalls 106 may beimplemented using dedicated hardware in some instances, although inother cases firewall 106 may be implemented with an architecture ofserver and/or client systems, router controls (e.g., access controllists (ACLs)) and/or the like. Often, a firewall is simply a featureimplemented within a router, such as a router used to provide aninterface between a home or office LAN and a cable, fiber optic, digitalsubscriber line (DSL) and/or other provider connection, as desired.

When a firewall 106 or other feature prevents direct connections betweenclients 102 and servers 104, then other techniques for establishingconnections may be attempted. A mediation server 112, for example, maybe used to support connections using user datagram protocol (UDP) or thelike. Mediation server 112 therefore serves as a sort of “gatekeeper”machine that establishes indirect connections between client 102 andserver 104, and handles the synchronizing details between client andserver as well as communicating with the rest of system 100.

In many implementations, mediation server 112 is able to establish UDPor other connectionless sessions with both client 102 and server 104. Asa client 102 requests connection to a server 104 that is already incommunication with the mediation server, the two parties to the proposedsession can often simply exchange UDP (or other) parameters and continuecommunicating. This technique is often referred to as “UDP holepunching”, and is often based upon conventional network addresstranslation (NAT) techniques. Such techniques are often unsuccessful,however, particularly when the client 102 and server 104 are separatedby a relatively sophisticated firewall 106 (e.g., a firewall associatedwith many corporate networks) that may recognize that the partyoriginally involved in establishing the UDP session (e.g., the mediationserver 112) is no longer the party involved in communications after theclient 102 assumes the parameters previously used with server 112.Moreover, UDP or similar sessions may involve some manual configurationby the user, which can be inconvenient and often difficult, particularlyto relatively unsophisticated users. When neither direct connection norUDP-type proxy service is available to the user, it would be desirableto provide an additional connection feature that nevertheless allows theclient 102 to communicate with server 104.

Various embodiments therefore provide a relay system 116 that is capableof establishing separate connections with the client 102 and the server104 and relaying information between the two connections to therebycreate a bridged connection between the client 102 and server 104. Tothat end, relay system 116 suitably includes one or more relay servers120 that are capable of establishing and processing the variousconnections between any number of clients 102 and servers 104. Invarious embodiments, each relay server 120 includes a relay managermodule 122 that invokes any number of relay instances 124 that processrelay sessions in response to received requests for connections, asdescribed more fully below. Relay manager module 122 may also interactwith a database 126 and/or an administrative interface 128 to controlaccess to the relay function, to implement business rules, and/or totake other actions as desired.

In various embodiments, load balancing 118 may also be provided toallocate relay servers 120 and/or other resources efficiently andeffectively. Load balancing 118 may be implemented using any combinationof hardware and/or software resources, and may be based upon networktraffic, processor loads on servers 120, geographic distribution ofclients 102 and/or servers 104, and/or any other factors as appropriate.

In various embodiments, each relay server 120 is implemented usingconventional computer server hardware and software. Each relay server120 may be implemented, for example, with a server computer system thatis based upon any processor, architecture and/or operating system. Invarious embodiments, each relay server 120 is an actual or virtualcomputer system executing an operating system such as any version of theLINUX, UNIX, SOLARIS, NETWARE, WINDOWS, OS/X, AIX or other operatingsystems, and/or the like. The various UNIX/LINUX operating systemstypically provide a computing core that is capable of executing a relaymanager module 122 as an application, as well as any number of daemons,processes, applications or other relay instance modules 124 as desired.In an exemplary embodiment, relay manager module 122 is implementedusing the JAVA environment available from Sun Microsystems of Sunnyvale,Calif., with the relay instance modules 124 implemented withconventional C, C++ or other programming. Other embodiments mayimplement the various components of system 116 using any otherprogramming languages, scripting languages, development or executionenvironments, and/or the like.

In an exemplary embodiment, when a request for a relay connection isreceived from a mediation server 112, client 102 or other requestingparty, the relay manager module 122 allocates incoming port numbers onserver 120 to the connection and invokes a new relay instance 124 toprocess the connection. The instance receives the assigned port numbersand waits until both the client 102 and server 104 have contacted therelay server 120 to request connections. Requests from client 102 andserver 104 are received at system 116 and forwarded to the appropriateports by load balancing features 118 or the like. Although connectionsmay be established using TCP, UDP or any other protocols, in variousembodiments the connections are originated by client 102 and server 104using TCP protocols to aid in traversing any firewalls 106 that may beintervening. Because most firewalls 106 do not block TCP connectionsthat originate from within the trusted network, such connections can bevery effective in establishing communications through the relay server120.

After establishing separate connections with client 102 and server 104,relay instance 124 suitably relays data received on each connection tothe other connection to create a virtual channel between client 102 andserver 104. This virtual connection may be maintained or terminated atany time, based upon any criteria. In various embodiments, relayinstance 125 tracks the elapsed time since the connection began and/orthe amount of data processed thoughout the course of the connection.This information may be shared with relay manager 122 to terminate theconnection after a pre-determined period of time or a pre-determinedamount of traffic has been processed. Time and bandwidth consumption maybe further stored in database 126 to allow further authentication,authorization and/or the like.

Communications from the server 104 with relay system 116 may beinitiated in any manner. In various embodiments, server 104 maintains arelatively constant connection with a messaging server 114 at a uniformresource locator (URL) or other network address that can be readilycontacted from behind firewall 106. Messaging server 114 may simply be aTCP server, for example, that is automatically accessed when server 104starts up. In such cases, server 104 contacts the messaging server 114on startup (or on some other temporal basis), establishes a TCP orsimilar connection, and then awaits further action. This connection maybe kept alive using relatively low bandwidth “keep alive” features thatare part of the TCP protocol. By pre-establishing the connection fromthe server 104 to the messaging server 114, a channel is maintained thatcan be used to send instructions or requests to the server 104, eventhough the server is behind a firewall 106. This is because many routersused in firewalls 106 will allow outgoing TCP connections that areoriginated within the trusted space while disallowing incoming TCP (andother) connections. After establishing a TCP or other connection fromthe server 104 to message server 114, that pre-existing connection canbe used to transmit an instruction to server 104 to establish a separateconnection with the relay server 116. This second connection can beestablished as another outgoing TCP (or other protocol) communicationthat is not likely to be blocked by firewall 106. That is, messageserver 114 can transmit an instruction over the pre-existing channelthat directs server 104 to separately contact the relay server. Thisinstruction may optionally include information about the client 102 orother party that is requesting the connection, although this informationneed not be present in all embodiments. When instructed to do so, server104 suitably establishes a TCP or other connection with the relay serverthat can be used to transmit data to client 102, as described more fullybelow.

As noted above, the relay server 116 can establish connections with boththe client 102 and the server 104 so that data can be relayed from oneconnection to another. While the relaying of data does place additionalprocessing loads upon server 116, this does create a very convenient andeffective mechanism for establishing connections between the client andserver.

Turning now to FIG. 2, an exemplary process 200 for establishing aconnection between a client 102 and a server 104 over network 110 isshown. In this example, client 102 initially attempts to establish adirect connection 202 with the server 104, but this connection 202 isblocked by firewall 106.

Following an unsuccessful attempt to create a direct connection, client102 attempts to create a mediated connection 205 using mediation server112. In this scenario, client 102 sends message 204 to mediation server112 to request a UDP (or other) session 210 with the mediation server112. Server 104 similarly transmits a request 206 to establish a UDPsession 208 with the mediation server 112; this request 206 from server104 may be sent at any time, including at times prior to client 102sending message 204. Server 104 may automatically contact mediationserver 112 with message 206 upon startup, for example, so that a UDPsession 208 is already available when client 102 requests access toserver 104. After both client 102 and server 104 are communicating witha common proxy (e.g., server 112), the proxy may forward UDP (or other)information associated with client 102 to server 104, and vice versa, inhopes that the client 102 and server 104 can directly communicatethereafter using the shared UDP information from the proxy server, asindicated by sessions 212 and 213 in FIG. 2. As noted above, however,many firewalls 106 will not allow such connections.

Again recalling that server 104 has previously established a TCP orother reliable connection 214 with a message server 114, thispre-existing connection 214 can be used to establish a relay connectionfrom server 104 to relay server 116. When a proxy-type connection isunsuccessful, message server 114 suitably directs server 104 (viamessage 218) to initiate a separate connection with relay system 116.While FIG. 2 shows message 218 as being sent from message server 114 toserver 104, this message 218 can be initiated in response to a request216 received from any number of sources. In various embodiments,mediation server 112 sends request 216 to message server 114 to instructthe server 104 to contact relay server 116. In other embodiments,request 216 is transmitted by the client 102 to initiate instructionmessage 218. In either event, the pre-existing connection 214established from server 104 to message server 114 is used to direct theserver 104 to contact relay system 116 as appropriate. When directed todo so, server 104 sends request 220 to the relay server 116. Thisrequest 220 is appropriately processed at system 116 to createconnection 226 using TCP, UDP, and/or any other appropriate protocol.

Connections between relay system 116 and client 102 may be establishedin any manner. In the exemplary embodiment shown in FIG. 2, eitherclient 102 or mediation server 112 initiates a request 222 that resultsin connection 224 between relay server 116 and client 102. Request 222may be initiated in response to an instruction from mediation server 112to client 102 when a proxy connection is unsuccessful. Otherembodiments, however, may initiate request 222 in any other manner.Again, if client 102 initiates the connection using TCP, then theensuing connection 224 is very likely to pass through any interveningfirewalls 106 without significant issue. Other embodiments, however, mayuse UDP or other protocols as appropriate.

Once connections 224 and 226 are in place, then relaying of data betweenclient 102 and server 104 can proceed as described above over the relayconnection 228. In a placeshifting application, for example, streamingmedia can be provided over a connection 228 from a placeshifting server104 to be played on a media player client 102. In such embodiments, itmay be desirable to limit the bit rate, frame rate, resolution or otherencoding parameters of the media stream during relay transmission inorder to reduce concerns about bandwidth and processing capability onservers 120. This limit could be imposed by, for example, instructionstransmitted to server 104 from relay server 116 or another source, asdesired. Alternately, firmware or other instructions in server 104 mayconfigure encoding, streaming or other features as desired whenever aconnection is made through relay server 116. Again, other features andimplementations could be contemplated in addition to placeshifting.

Turning now to FIG. 3, an exemplary method 300 for establishing aconnection between a client 102 and a server 104 suitably includes thebroad steps of receiving requests 222, 220 from client 102 and server104, respectively, at a relay server 120 (function 310); establishingthe two connections 224, 226 between client 102 and server 104 (function314); and relaying data between the two connections 224, 226 at therelay server 120 (function 316) to establish the relay connection 228.Other embodiments may provide additional features as well, such asapproving the relay connection (function 312), discontinuing the relayconnection after time or bandwidth limits are exceeded (function 318),and/or the like.

As noted above, relay connections do consume resources on server 120, soit may be desirable in many embodiments to encourage clients 102 toattempt direct connections (functions 302 and 304) and/or mediatedconnections (functions 306 and 308) prior to attempting a relayconnection. In the event that direct and/or mediated connections areunsuccessful, then the relay connection may be attempted. Any number ofrules or procedures could be implemented to govern if and when the relayfeature is available to any particular user, client 102 and/or server104. In the exemplary embodiment shown in FIG. 3, relay connectionsusing server 120 are attempted after a direct connection (function 302)and a mediated (e.g., UDP) connection (function 306) have both beenunsuccessful (functions 304, 308). Other embodiments may allow users tomanually force a relay connection, or to automatically initiate a relaycondition when it is known (or when it can be confidently assumed) thata direct or mediated connection will be unsuccessful. Such features maybe coded into a media player or other client application executing atclient 102, and/or may be enforced using business rules stored indatabase 126 or the like.

As noted above, relay server 120 creates the relay connection 228 inresponse to connection requests 220, 222 received from server 104 andclient 102, respectively. In an exemplary embodiment, a relay instance124 monitors ports identified by the relay manager module 122 for anappropriate period of time. If requests 220 and 222 are received priorto the expiration of an appropriate timeout period (e.g., on the orderof several seconds or so), then processing continues. If no request isreceived from either or both of the client 102 or server 104, then theconnection can be aborted.

Connections can be approved or rejected according to any suitable rules(function 312). As noted above, any number of business rules could beimplemented to limit or restrict access to the relay server. Such rulesmay include limiting the feature to particular users, particularservers, and/or particular clients. In still other embodiments, users(or servers, or clients) could be restricted in the number of relayservices that are allowed. Such a restriction could be an aggregatenumber (e.g., for the lifetime of the client or server), or could re-setafter any appropriate period of time (e.g., ten relay connections permonth).

Users may be identified with a userid/password, digital signature,biometric identification, or any other digital credential. Clients 102and servers 104 may be similarly identified by any sort of digitalcredential, including any sort of digital signature or other identifier(e.g., a serial number, MAC address, and/or the like). Such informationmay be contained in requests 220 and/or 222, and may be compared againstinformation stored in database 126 or elsewhere as desired. Approval canbe processed by the relay manager module 122 in many embodiments,although other embodiments may process approval using the relay instance124, an administrative feature 128, and/or any other feature as desired.

If approval is granted, then the connections 224 and 226 are establishedfrom the relay server 120 (function 314) and relaying of data betweenthe client 102 and server 104 can commence over the relay connection 228(function 316). In various embodiments, data stored within database 126and/or in the relay instance 124 can be used to discontinue connection228 according to appropriate rules. In some embodiments, it may bedesirable to discontinue all connections (or just connections associatedwith particular clients, servers or users) after a pre-determined periodof time (e.g., thirty minutes or so, although other embodiments may uselonger or shorter times) or after a pre-determined amount of data hasbeen processed (e.g., ten gigabytes/month, or any other value) (function318). The particular rules and parameters implemented will vary fromembodiment to embodiment; any number of rules could be implemented usingthe rules engine of database 126 as desired.

Generally speaking, the various steps of method 300 may be carried outwith any sort of hardware, software and/or firmware logic within system100. Method 300 may be carried out, for example, by a relay server 120(FIG. 1) operating in conjunction with any appropriate client 102 and/orserver 104 as appropriate. FIG. 3 also shows functions 302, 304, 306,308 relating to attempting direct and mediated connections, as describedabove. In practice, these features may be carried out by client 102 orserver 104 rather than by relay server 120. In various embodiments, thevarious steps of method 300 are carried out in response to software orfirmware instructions stored in a memory, or on a disk drive and/orother storage associated with relay server 120 and/or client 102. Suchinstructions may be executed by any processor and/or other processingfeatures within server 120, client 102 and/or the like. The particularmeans used to implement each of the various functions shown in FIG. 3,then, could be any sort of processing hardware (such as server 120,client 102 and/or server 104 of FIG. 1) executing conventional softwarelogic in any format.

As described herein, then, new systems and techniques for establishingconnections between clients and servers over a digital network have beendescribed. Various techniques described herein allow clients and serversto separately establish TCP or other connections with a relay serverthat effectively relays data between the two connections to establish avirtual point-to-point link between the client and server. By allowingeach of the client and the server to initiate connections with a commonrelay service, firewalls that would otherwise prevent direct connectionsbetween the client and server can be traversed, thereby allowing datatransfer or other communications between the client and server withoutcompromising the security of the network. This service could be used tosupport placeshifting or other streaming media applications by allowinga placeshifting server device to stream media data to the relay server,which in turn relays the received stream to the media player client.Equivalent embodiments could provide similar features for transfer ofany stream, file-based, packet-based or other data in any format.

The term “exemplary” is used herein to represent one example, instanceor illustration that may have any number of alternates. Anyimplementation described herein as exemplary is not necessarily to beconstrued as preferred or advantageous over other implementations. Whileseveral exemplary embodiments have been presented in the foregoingdetailed description, it should be appreciated that a vast number ofalternate but equivalent variations exist, and the examples presentedherein are not intended to limit the scope, applicability, orconfiguration of the invention in any way. To the contrary, variouschanges may be made in the function and arrangement of elementsdescribed without departing from the scope of the claims and their legalequivalents.

What is claimed is:
 1. A method of establishing a media streamingconnection between a media player and a placeshifting device that areeach communicating via a network, the method comprising: receiving, by arelay server, a first request associated with the media player and asecond request associated with the placeshifting device; in response toreceiving the first and second requests, establishing a first connectionbetween the relay server and the media player and a second connectionbetween the relay server and the placeshifting device; and relaying datareceived by the relay server on each of the first and second connectionsto the other of the first and second connections to thereby establishthe media streaming connection between the media player and theplaceshifting device via the relay server.
 2. The method of claim 1wherein the first and second connections are transmission controlprotocol (TCP) connections.
 3. The method of claim 1 wherein thereceiving occurs in response to an unsuccessful user datagram protocol(UDP) connection between the media player and the placeshifting device.4. The method of claim 1 wherein the receiving occurs in response to anunsuccessful attempt to establish a direct connection between the mediaplayer and the placeshifting device.
 5. The method of claim 1 furthercomprising directing the placeshifting device to send the second requestto the relay server.
 6. The method of claim 5 wherein the directingcomprises directing a message to be sent to the placeshifting deviceacross a pre-established connection with the placeshifting device viathe network.
 7. The method of claim 1 further comprising discontinuingthe media streaming connection after a pre-determined time has elapsed.8. The method of claim 1 further comprising discontinuing the mediastreaming connection after a pre-determined amount of data has beenrelayed.
 9. The method of claim 1 further comprising approving the mediastreaming connection prior to establishing the first and secondconnections based upon identification information associated with atleast one of the placeshifting device, the media player, and a user ofthe placeshifting device.
 10. The method of claim 1 further comprisingapproving the media streaming connection prior to establishing the firstand second connections based upon identification information containedin at least one of the first and second requests.
 11. A method ofestablishing a connection via a relay server between a client and aserver that are each communicating via a network, the method comprising:first attempting to establish a connectionless session across thenetwork between the client device and the server; if the connectionlesssession is unsuccessful, directing the client and the server to contactthe relay server via the network; in response to the client and theserver subsequently contacting the relay server, establishing a firstconnection between the relay server and the client and a secondconnection between the relay server and the server; and relaying datareceived by the relay server on each of the first and second connectionsto the other of the first and second connections to thereby establishthe connection between the client and the server via the relay server.12. The method of claim 11 wherein the connectionless session is a userdatagram protocol (UDP) session, and wherein the first and secondconnections are transmission control protocol (TCP) connections.
 13. Asystem for establishing a media streaming connection between a mediaplayer and a placeshifting device that are each communicating via anetwork, the system comprising: a relay manager module configured toreceive a request to establish the media streaming connection betweenthe media player and the placeshifting device; and a relay instancemodule configured to establish, in response to the request, a firstconnection with the media player and a second connection with theplaceshifting device, and to relay data received on each of the firstand second connections to the other of the first and second connectionsto thereby establish the media streaming connection between the mediaplayer and the placeshifting device.
 14. The system of claim 13 whereinthe first and second connections are transmission control protocol (TCP)connections.
 15. The system of claim 13 further comprising a databaseconfigured to store information, and wherein the relay manager module isconfigured to allow or disallow the media streaming connection basedupon the information stored in the database.
 16. The system of claim 15wherein the information stored in the database comprises an elapsed timethat the media streaming connection has been established, and whereinthe relay manager module is further configured to disallow the mediastreaming connection when the elapsed time exceeds a pre-determinedvalue.
 17. The system of claim 15 wherein the information stored in thedatabase comprises a total time that the placeshifting device has usedthe system, and wherein the relay manager module is further configuredto disallow the media streaming connection when the total time exceeds apre-determined allowed value.
 18. The system of claim 15 wherein therelay instance module is configured to establish the first and secondconnections by directing the media player and the placeshifting deviceto contact the relay instance module via the network, and wherein theplaceshifting device is directed by a message transmitted via apre-existing connection over the network.
 19. The system of claim 15further comprising a mediation server configured to attempt to connectthe placeshifting device and the media player via the network using aconnectionless protocol, and, if the attempt to connect via theconnectionless protocol is unsuccessful, to initiate the request toestablish the media streaming connection between the media player andthe placeshifting device via a connection-based protocol.
 20. The systemof claim 15 further comprising a message server configured to establisha pre-existing connection with the placeshifting device across thenetwork using a connection-based protocol and to send a message to theplaceshifting device across the pre-existing connection that directs theplaceshifting device to establish the second connection.